I need a Bro IDS script
1. Torrent detection script.
- Detect source IP, port, info_hash, find_node, get_peers, and so on.
- Log to MySQL table.
2. SSH, Telnet, RDP brute-force detection script.
- Detect source IP, port ...
- Log to MySQL table.
Bro IDS has default scripts for the above protocols.
But I need MySQL integration: installation, testing ... on my Bro server.
#################
[ mysql tables ]
pid
source_ip
source_port
dest_ip
dest_port
category [ info_hash, find_node, get_peers, ... ]
value [ xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx ]
insert_date
...